PT-2011-2049 · Mozilla+1 · Firefox+2

Igor Bukanov

Publicado

2011-03-02

Atualizado

2017-09-19

CVE-2011-0055

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 3.5.17 Mozilla Firefox versions 3.6.x prior to 3.6.14 SeaMonkey versions prior to 2.0.12

Description A use-after-free issue in the JSON.stringify method might allow remote attackers to execute arbitrary code via unspecified vectors related to the js HasOwnProperty function and garbage collection.

Recommendations For Mozilla Firefox versions prior to 3.5.17, update to version 3.5.17 or later. For Mozilla Firefox versions 3.6.x prior to 3.6.14, update to version 3.6.14 or later. For SeaMonkey versions prior to 2.0.12, update to version 2.0.12 or later.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2011-0055

DSA-2180-1

DSA-2186-1

DSA-2187-1

RHSA-2011:0310

RHSA-2011_0310

ZDI-11-103

Produtos afetados

Firefox

Red Hat

Seamonkey

PT-2011-2049 · Mozilla+1 · Firefox+2

CVE-2011-0055

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 26